LDAP是輕量目錄訪問協議(Lightweight Directory Access Protocol)的縮寫，LDAP是從X.500目錄訪問協議的基礎上發展過來的．

特點：

LDAP的結構用樹來表示，而不是用表格。正因為這樣，就不能用SQL語句了

LDAP可以很快地得到查詢結果，不過在寫方面，就慢得多

LDAP提供了靜態數據的快速查詢方式

Client/server模型，Server 用于存儲數據，Client提供操作目錄信息樹的工具

這些工具可以將數據庫的內容以文本格式（LDAP 數據交換格式，LDIF）呈現在您的面前

LDAP是一種開放Internet標準，LDAP協議是跨平臺的Interent協議

http://stackoverflow.com/questions/18756688/what-are-cn-ou-dc-in-an-ldap-search

CN = Common Name

OU = Organizational Unit

DC = Domain Component

You read it from right to left, the right-most component is the root of the tree, and the left most component is the node (or leaf) you want to reach.

https://en.wikipedia.org/wiki/LDAP_Data_Interchange_Format

dn

distinguished name

This refers to the name that uniquely identifies an entry in the directory.

dc

domain component

This refers to each component of the domain. For example www.google.com would be written as DC=www,DC=google,DC=com

ou

organizational unit

This refers to the organizational unit (or sometimes the user group) that the user is part of. If the user is part of more than one group, you may specify as such, e.g., OU= Lawyer,OU= Judge.

cn

common name

This refers to the individual object (person's name; meeting room; recipe name; job title; etc.) for whom/which you are querying.

dn: cn=The Postmaster,dc=example,dc=com

objectClass: organizationalRole

cn: The Postmaster